|
Medium |
Content Security Policy (CSP) Header Not Set |
| Description |
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
|
|
| URL |
http://83.212.109.249:3001 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 238 bytes.
|
GET http://83.212.109.249:3001 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:08 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/ |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 280 bytes.
|
GET http://83.212.109.249:3001/ HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/ftp |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 290 bytes.
|
GET http://83.212.109.249:3001/ftp HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/robots.txt
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 338 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Content-Length: 11082
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:08 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 11,071 bytes.
|
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<title>listing directory /ftp</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2, h3 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
h3 {
margin: 5px 0 10px 0;
padding-bottom: 5px;
border-bottom: 1px solid #eee;
font-size: 18px;
}
ul li {
list-style: none;
}
ul li:hover {
cursor: pointer;
color: #2e2e2e;
}
ul li .path {
padding-left: 5px;
font-weight: bold;
}
ul li .line {
padding-right: 5px;
font-style: italic;
}
ul li:first-child .path {
padding-left: 0;
}
p {
line-height: 1.5;
}
a {
color: #555;
text-decoration: none;
}
a:hover {
color: #303030;
}
#stacktrace {
margin-top: 15px;
}
.directory h1 {
margin-bottom: 15px;
font-size: 18px;
}
ul#files {
width: 100%;
height: 100%;
overflow: hidden;
}
ul#files li {
float: left;
width: 30%;
line-height: 25px;
margin: 1px;
}
ul#files li a {
display: block;
height: 25px;
border: 1px solid transparent;
-webkit-border-radius: 5px;
-moz-border-radius: 5px;
border-radius: 5px;
overflow: hidden;
white-space: nowrap;
}
ul#files li a:focus,
ul#files li a:hover {
background: rgba(255,255,255,0.65);
border: 1px solid #ececec;
}
ul#files li a.highlight {
-webkit-transition: background .4s ease-in-out;
background: #ffff4f;
border-color: #E9DC51;
}
#search {
display: block;
position: fixed;
top: 20px;
right: 20px;
width: 90px;
-webkit-transition: width ease 0.2s, opacity ease 0.4s;
-moz-transition: width ease 0.2s, opacity ease 0.4s;
-webkit-border-radius: 32px;
-moz-border-radius: 32px;
-webkit-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-moz-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-webkit-font-smoothing: antialiased;
text-align: left;
font: 13px "Helvetica Neue", Arial, sans-serif;
padding: 4px 10px;
border: none;
background: transparent;
margin-bottom: 0;
outline: none;
opacity: 0.7;
color: #888;
}
#search:focus {
width: 120px;
opacity: 1.0;
}
/*views*/
#files span {
display: inline-block;
overflow: hidden;
text-overflow: ellipsis;
text-indent: 10px;
}
#files .name {
background-repeat: no-repeat;
}
#files .icon .name {
text-indent: 28px;
}
/*tiles*/
.view-tiles .name {
width: 100%;
background-position: 8px 5px;
}
.view-tiles .size,
.view-tiles .date {
display: none;
}
/*details*/
ul#files.view-details li {
float: none;
display: block;
width: 90%;
}
ul#files.view-details li.header {
height: 25px;
background: #000;
color: #fff;
font-weight: bold;
}
.view-details .header {
border-radius: 5px;
}
.view-details .name {
width: 60%;
background-position: 8px 5px;
}
.view-details .size {
width: 10%;
}
.view-details .date {
width: 30%;
}
.view-details .size,
.view-details .date {
text-align: right;
direction: rtl;
}
/*mobile*/
@media (max-width: 768px) {
body {
font-size: 13px;
line-height: 16px;
padding: 0;
}
#search {
position: static;
width: 100%;
font-size: 2em;
line-height: 1.8em;
text-indent: 10px;
border: 0;
border-radius: 0;
padding: 10px 0;
margin: 0;
}
#search:focus {
width: 100%;
border: 0;
opacity: 1;
}
.directory h1 {
font-size: 2em;
line-height: 1.5em;
color: #fff;
background: #000;
padding: 15px 10px;
margin: 0;
}
ul#files {
border-top: 1px solid #cacaca;
}
ul#files li {
float: none;
width: auto !important;
display: block;
border-bottom: 1px solid #cacaca;
font-size: 2em;
line-height: 1.2em;
text-indent: 0;
margin: 0;
}
ul#files li:nth-child(odd) {
background: #e0e0e0;
}
ul#files li a {
height: auto;
border: 0;
border-radius: 0;
padding: 15px 10px;
}
ul#files li a:focus,
ul#files li a:hover {
border: 0;
}
#files .header,
#files .size,
#files .date {
display: none !important;
}
#files .name {
float: none;
display: inline-block;
width: 100%;
text-indent: 0;
background-position: 0 50%;
}
#files .icon .name {
text-indent: 41px;
}
}
#files .icon-directory .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAALGPC/xhBQAAAWtQTFRFAAAA/PPQ9Nhc2q402qQ12qs2/PTX2pg12p81+/LM89NE9dto2q82+/fp2rM22qY39d6U+/bo2qo2/frx/vz32q812qs12qE279SU8c4w9NZP+/LK//367s9y7s925cp0/vzw9t92//342po2/vz25s1579B6+OSO2bQ0/v799NyT8tE79dld8Msm+OrC/vzx79KA2IYs7s6I9d6R4cJe9+OF/PLI/fry79OF/v30//328tWB89RJ8c9p8c0u9eCf//7+9txs6sts5Mdr+++5+u2z/vrv+/fq6cFz8dBs8tA57cpq+OaU9uGs27Y8//799NdX/PbY9uB89unJ//z14sNf+emh+emk+vDc+uys9+OL8dJy89NH+eic8tN5+OaV+OWR9N2n9dtl9t529+KF9+GB9Nue9NdU8tR/9t5y89qW9dpj89iO89eG/vvu2pQ12Y4z/vzy2Ict/vvv48dr/vzz4sNg///+2Igty3PqwQAAAAF0Uk5TAEDm2GYAAACtSURBVBjTY2AgA2iYlJWVhfohBPg0yx38y92dS0pKVOVBAqIi6sb2vsWWpfrFeTI8QAEhYQEta28nCwM1OVleZqCAmKCEkUdwYWmhQnFeOStQgL9cySqkNNDHVJGbiY0FKCCuYuYSGRsV5KgjxcXIARRQNncNj09JTgqw0ZbkZAcK5LuFJaRmZqfHeNnpSucDBQoiEtOycnIz4qI9bfUKQA6pKKqAgqIKQyK8BgAZ5yfODmnHrQAAAABJRU5ErkJggg==);
}
#files .icon-text .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAADoSURBVBgZBcExblNBGAbA2ceegTRBuIKOgiihSZNTcC5LUHAihNJR0kGKCDcYJY6D3/77MdOinTvzAgCw8ysThIvn/VojIyMjIyPP+bS1sUQIV2s95pBDDvmbP/mdkft83tpYguZq5Jh/OeaYh+yzy8hTHvNlaxNNczm+la9OTlar1UdA/+C2A4trRCnD3jS8BB1obq2Gk6GU6QbQAS4BUaYSQAf4bhhKKTFdAzrAOwAxEUAH+KEM01SY3gM6wBsEAQB0gJ+maZoC3gI6iPYaAIBJsiRmHU0AALOeFC3aK2cWAACUXe7+AwO0lc9eTHYTAAAAAElFTkSuQmCC);
}
#files .icon-default .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAC4SURBVCjPdZFbDsIgEEWnrsMm7oGGfZrohxvU+Iq1TyjU60Bf1pac4Yc5YS4ZAtGWBMk/drQBOVwJlZrWYkLhsB8UV9K0BUrPGy9cWbng2CtEEUmLGppPjRwpbixUKHBiZRS0p+ZGhvs4irNEvWD8heHpbsyDXznPhYFOyTjJc13olIqzZCHBouE0FRMUjA+s1gTjaRgVFpqRwC8mfoXPPEVPS7LbRaJL2y7bOifRCTEli3U7BMWgLzKlW/CuebZPAAAAAElFTkSuQmCC);
}
</style>
<script>
function $(id){
var el = 'string' == typeof id
? document.getElementById(id)
: id;
el.on = function(event, fn){
if ('content loaded' == event) {
event = window.attachEvent ? "load" : "DOMContentLoaded";
}
el.addEventListener
? el.addEventListener(event, fn, false)
: el.attachEvent("on" + event, fn);
};
el.all = function(selector){
return $(el.querySelectorAll(selector));
};
el.each = function(fn){
for (var i = 0, len = el.length; i < len; ++i) {
fn($(el[i]), i);
}
};
el.getClasses = function(){
return this.getAttribute('class').split(/\s+/);
};
el.addClass = function(name){
var classes = this.getAttribute('class');
el.setAttribute('class', classes
? classes + ' ' + name
: name);
};
el.removeClass = function(name){
var classes = this.getClasses().filter(function(curr){
return curr != name;
});
this.setAttribute('class', classes.join(' '));
};
return el;
}
function search() {
var str = $('search').value.toLowerCase();
var links = $('files').all('a');
links.each(function(link){
var text = link.textContent.toLowerCase();
if ('..' == text) return;
if (str.length && ~text.indexOf(str)) {
link.addClass('highlight');
} else {
link.removeClass('highlight');
}
});
}
$(window).on('content loaded', function(){
$('search').on('keyup', search);
});
</script>
</head>
<body class="directory">
<input id="search" type="text" placeholder="Search" autocomplete="off" />
<div id="wrapper">
<h1><a href=".">~</a> / <a href="ftp">ftp</a></h1>
<ul id="files" class="view-tiles"><li><a href="ftp/quarantine" class="icon icon-directory" title="quarantine"><span class="name">quarantine</span><span class="size"></span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/acquisitions.md" class="icon icon icon-md icon-text" title="acquisitions.md"><span class="name">acquisitions.md</span><span class="size">909</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/announcement_encrypted.md" class="icon icon icon-md icon-text" title="announcement_encrypted.md"><span class="name">announcement_encrypted.md</span><span class="size">369237</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/coupons_2013.md.bak" class="icon icon icon-bak icon-default" title="coupons_2013.md.bak"><span class="name">coupons_2013.md.bak</span><span class="size">131</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/eastere.gg" class="icon icon icon-gg icon-default" title="eastere.gg"><span class="name">eastere.gg</span><span class="size">324</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/encrypt.pyc" class="icon icon icon-pyc icon-default" title="encrypt.pyc"><span class="name">encrypt.pyc</span><span class="size">573</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/incident-support.kdbx" class="icon icon icon-kdbx icon-default" title="incident-support.kdbx"><span class="name">incident-support.kdbx</span><span class="size">3246</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/legal.md" class="icon icon icon-md icon-text" title="legal.md"><span class="name">legal.md</span><span class="size">3047</span><span class="date">5/29/2024 7:58:02 AM</span></a></li>
<li><a href="ftp/package.json.bak" class="icon icon icon-bak icon-default" title="package.json.bak"><span class="name">package.json.bak</span><span class="size">4291</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="ftp/suspicious_errors.yml" class="icon icon icon-yml icon-text" title="suspicious_errors.yml"><span class="name">suspicious_errors.yml</span><span class="size">723</span><span class="date">4/22/2024 12:39:10 PM</span></a></li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/ |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 295 bytes.
|
GET http://83.212.109.249:3001/ftp/ HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/quarantine
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 338 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Content-Length: 11086
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:19 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 11,032 bytes.
|
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<title>listing directory /ftp/</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2, h3 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
h3 {
margin: 5px 0 10px 0;
padding-bottom: 5px;
border-bottom: 1px solid #eee;
font-size: 18px;
}
ul li {
list-style: none;
}
ul li:hover {
cursor: pointer;
color: #2e2e2e;
}
ul li .path {
padding-left: 5px;
font-weight: bold;
}
ul li .line {
padding-right: 5px;
font-style: italic;
}
ul li:first-child .path {
padding-left: 0;
}
p {
line-height: 1.5;
}
a {
color: #555;
text-decoration: none;
}
a:hover {
color: #303030;
}
#stacktrace {
margin-top: 15px;
}
.directory h1 {
margin-bottom: 15px;
font-size: 18px;
}
ul#files {
width: 100%;
height: 100%;
overflow: hidden;
}
ul#files li {
float: left;
width: 30%;
line-height: 25px;
margin: 1px;
}
ul#files li a {
display: block;
height: 25px;
border: 1px solid transparent;
-webkit-border-radius: 5px;
-moz-border-radius: 5px;
border-radius: 5px;
overflow: hidden;
white-space: nowrap;
}
ul#files li a:focus,
ul#files li a:hover {
background: rgba(255,255,255,0.65);
border: 1px solid #ececec;
}
ul#files li a.highlight {
-webkit-transition: background .4s ease-in-out;
background: #ffff4f;
border-color: #E9DC51;
}
#search {
display: block;
position: fixed;
top: 20px;
right: 20px;
width: 90px;
-webkit-transition: width ease 0.2s, opacity ease 0.4s;
-moz-transition: width ease 0.2s, opacity ease 0.4s;
-webkit-border-radius: 32px;
-moz-border-radius: 32px;
-webkit-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-moz-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-webkit-font-smoothing: antialiased;
text-align: left;
font: 13px "Helvetica Neue", Arial, sans-serif;
padding: 4px 10px;
border: none;
background: transparent;
margin-bottom: 0;
outline: none;
opacity: 0.7;
color: #888;
}
#search:focus {
width: 120px;
opacity: 1.0;
}
/*views*/
#files span {
display: inline-block;
overflow: hidden;
text-overflow: ellipsis;
text-indent: 10px;
}
#files .name {
background-repeat: no-repeat;
}
#files .icon .name {
text-indent: 28px;
}
/*tiles*/
.view-tiles .name {
width: 100%;
background-position: 8px 5px;
}
.view-tiles .size,
.view-tiles .date {
display: none;
}
/*details*/
ul#files.view-details li {
float: none;
display: block;
width: 90%;
}
ul#files.view-details li.header {
height: 25px;
background: #000;
color: #fff;
font-weight: bold;
}
.view-details .header {
border-radius: 5px;
}
.view-details .name {
width: 60%;
background-position: 8px 5px;
}
.view-details .size {
width: 10%;
}
.view-details .date {
width: 30%;
}
.view-details .size,
.view-details .date {
text-align: right;
direction: rtl;
}
/*mobile*/
@media (max-width: 768px) {
body {
font-size: 13px;
line-height: 16px;
padding: 0;
}
#search {
position: static;
width: 100%;
font-size: 2em;
line-height: 1.8em;
text-indent: 10px;
border: 0;
border-radius: 0;
padding: 10px 0;
margin: 0;
}
#search:focus {
width: 100%;
border: 0;
opacity: 1;
}
.directory h1 {
font-size: 2em;
line-height: 1.5em;
color: #fff;
background: #000;
padding: 15px 10px;
margin: 0;
}
ul#files {
border-top: 1px solid #cacaca;
}
ul#files li {
float: none;
width: auto !important;
display: block;
border-bottom: 1px solid #cacaca;
font-size: 2em;
line-height: 1.2em;
text-indent: 0;
margin: 0;
}
ul#files li:nth-child(odd) {
background: #e0e0e0;
}
ul#files li a {
height: auto;
border: 0;
border-radius: 0;
padding: 15px 10px;
}
ul#files li a:focus,
ul#files li a:hover {
border: 0;
}
#files .header,
#files .size,
#files .date {
display: none !important;
}
#files .name {
float: none;
display: inline-block;
width: 100%;
text-indent: 0;
background-position: 0 50%;
}
#files .icon .name {
text-indent: 41px;
}
}
#files .icon-directory .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAALGPC/xhBQAAAWtQTFRFAAAA/PPQ9Nhc2q402qQ12qs2/PTX2pg12p81+/LM89NE9dto2q82+/fp2rM22qY39d6U+/bo2qo2/frx/vz32q812qs12qE279SU8c4w9NZP+/LK//367s9y7s925cp0/vzw9t92//342po2/vz25s1579B6+OSO2bQ0/v799NyT8tE79dld8Msm+OrC/vzx79KA2IYs7s6I9d6R4cJe9+OF/PLI/fry79OF/v30//328tWB89RJ8c9p8c0u9eCf//7+9txs6sts5Mdr+++5+u2z/vrv+/fq6cFz8dBs8tA57cpq+OaU9uGs27Y8//799NdX/PbY9uB89unJ//z14sNf+emh+emk+vDc+uys9+OL8dJy89NH+eic8tN5+OaV+OWR9N2n9dtl9t529+KF9+GB9Nue9NdU8tR/9t5y89qW9dpj89iO89eG/vvu2pQ12Y4z/vzy2Ict/vvv48dr/vzz4sNg///+2Igty3PqwQAAAAF0Uk5TAEDm2GYAAACtSURBVBjTY2AgA2iYlJWVhfohBPg0yx38y92dS0pKVOVBAqIi6sb2vsWWpfrFeTI8QAEhYQEta28nCwM1OVleZqCAmKCEkUdwYWmhQnFeOStQgL9cySqkNNDHVJGbiY0FKCCuYuYSGRsV5KgjxcXIARRQNncNj09JTgqw0ZbkZAcK5LuFJaRmZqfHeNnpSucDBQoiEtOycnIz4qI9bfUKQA6pKKqAgqIKQyK8BgAZ5yfODmnHrQAAAABJRU5ErkJggg==);
}
#files .icon-text .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAADoSURBVBgZBcExblNBGAbA2ceegTRBuIKOgiihSZNTcC5LUHAihNJR0kGKCDcYJY6D3/77MdOinTvzAgCw8ysThIvn/VojIyMjIyPP+bS1sUQIV2s95pBDDvmbP/mdkft83tpYguZq5Jh/OeaYh+yzy8hTHvNlaxNNczm+la9OTlar1UdA/+C2A4trRCnD3jS8BB1obq2Gk6GU6QbQAS4BUaYSQAf4bhhKKTFdAzrAOwAxEUAH+KEM01SY3gM6wBsEAQB0gJ+maZoC3gI6iPYaAIBJsiRmHU0AALOeFC3aK2cWAACUXe7+AwO0lc9eTHYTAAAAAElFTkSuQmCC);
}
#files .icon-default .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAC4SURBVCjPdZFbDsIgEEWnrsMm7oGGfZrohxvU+Iq1TyjU60Bf1pac4Yc5YS4ZAtGWBMk/drQBOVwJlZrWYkLhsB8UV9K0BUrPGy9cWbng2CtEEUmLGppPjRwpbixUKHBiZRS0p+ZGhvs4irNEvWD8heHpbsyDXznPhYFOyTjJc13olIqzZCHBouE0FRMUjA+s1gTjaRgVFpqRwC8mfoXPPEVPS7LbRaJL2y7bOifRCTEli3U7BMWgLzKlW/CuebZPAAAAAElFTkSuQmCC);
}
</style>
<script>
function $(id){
var el = 'string' == typeof id
? document.getElementById(id)
: id;
el.on = function(event, fn){
if ('content loaded' == event) {
event = window.attachEvent ? "load" : "DOMContentLoaded";
}
el.addEventListener
? el.addEventListener(event, fn, false)
: el.attachEvent("on" + event, fn);
};
el.all = function(selector){
return $(el.querySelectorAll(selector));
};
el.each = function(fn){
for (var i = 0, len = el.length; i < len; ++i) {
fn($(el[i]), i);
}
};
el.getClasses = function(){
return this.getAttribute('class').split(/\s+/);
};
el.addClass = function(name){
var classes = this.getAttribute('class');
el.setAttribute('class', classes
? classes + ' ' + name
: name);
};
el.removeClass = function(name){
var classes = this.getClasses().filter(function(curr){
return curr != name;
});
this.setAttribute('class', classes.join(' '));
};
return el;
}
function search() {
var str = $('search').value.toLowerCase();
var links = $('files').all('a');
links.each(function(link){
var text = link.textContent.toLowerCase();
if ('..' == text) return;
if (str.length && ~text.indexOf(str)) {
link.addClass('highlight');
} else {
link.removeClass('highlight');
}
});
}
$(window).on('content loaded', function(){
$('search').on('keyup', search);
});
</script>
</head>
<body class="directory">
<input id="search" type="text" placeholder="Search" autocomplete="off" />
<div id="wrapper">
<h1><a href=".">~</a> / <a href="">ftp</a> / </h1>
<ul id="files" class="view-tiles"><li><a href="quarantine" class="icon icon-directory" title="quarantine"><span class="name">quarantine</span><span class="size"></span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="acquisitions.md" class="icon icon icon-md icon-text" title="acquisitions.md"><span class="name">acquisitions.md</span><span class="size">909</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="announcement_encrypted.md" class="icon icon icon-md icon-text" title="announcement_encrypted.md"><span class="name">announcement_encrypted.md</span><span class="size">369237</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="coupons_2013.md.bak" class="icon icon icon-bak icon-default" title="coupons_2013.md.bak"><span class="name">coupons_2013.md.bak</span><span class="size">131</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="eastere.gg" class="icon icon icon-gg icon-default" title="eastere.gg"><span class="name">eastere.gg</span><span class="size">324</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="encrypt.pyc" class="icon icon icon-pyc icon-default" title="encrypt.pyc"><span class="name">encrypt.pyc</span><span class="size">573</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="incident-support.kdbx" class="icon icon icon-kdbx icon-default" title="incident-support.kdbx"><span class="name">incident-support.kdbx</span><span class="size">3246</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="legal.md" class="icon icon icon-md icon-text" title="legal.md"><span class="name">legal.md</span><span class="size">3047</span><span class="date">5/29/2024 7:58:02 AM</span></a></li>
<li><a href="package.json.bak" class="icon icon icon-bak icon-default" title="package.json.bak"><span class="name">package.json.bak</span><span class="size">4291</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="suspicious_errors.yml" class="icon icon icon-yml icon-text" title="suspicious_errors.yml"><span class="name">suspicious_errors.yml</span><span class="size">723</span><span class="date">4/22/2024 12:39:10 PM</span></a></li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/coupons_2013.md.bak |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 303 bytes.
|
GET http://83.212.109.249:3001/ftp/coupons_2013.md.bak HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 344 bytes.
|
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 1936
|
| Response Body
- size: 1,936 bytes.
|
<html>
<head>
<meta charset='utf-8'>
<title>Error: Only .md and .pdf files are allowed!</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
ul li {
list-style: none;
}
#stacktrace {
margin-left: 60px;
}
</style>
</head>
<body>
<div id="wrapper">
<h1>OWASP Juice Shop (Express ^4.17.1)</h1>
<h2><em>403</em> Error: Only .md and .pdf files are allowed!</h2>
<ul id="stacktrace"><li> at verify (/juice-shop/build/routes/fileServer.js:55:18)</li><li> at /juice-shop/build/routes/fileServer.js:39:13</li><li> at Layer.handle [as handle_request] (/juice-shop/node_modules/express/lib/router/layer.js:95:5)</li><li> at trim_prefix (/juice-shop/node_modules/express/lib/router/index.js:328:13)</li><li> at /juice-shop/node_modules/express/lib/router/index.js:286:9</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:365:14)</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:376:14)</li><li> at Function.process_params (/juice-shop/node_modules/express/lib/router/index.js:421:3)</li><li> at next (/juice-shop/node_modules/express/lib/router/index.js:280:10)</li><li> at /juice-shop/node_modules/serve-index/index.js:145:39</li><li> at FSReqCallback.oncomplete (node:fs:205:5)</li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/eastere.gg |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 294 bytes.
|
GET http://83.212.109.249:3001/ftp/eastere.gg HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 344 bytes.
|
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 1936
|
| Response Body
- size: 1,936 bytes.
|
<html>
<head>
<meta charset='utf-8'>
<title>Error: Only .md and .pdf files are allowed!</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
ul li {
list-style: none;
}
#stacktrace {
margin-left: 60px;
}
</style>
</head>
<body>
<div id="wrapper">
<h1>OWASP Juice Shop (Express ^4.17.1)</h1>
<h2><em>403</em> Error: Only .md and .pdf files are allowed!</h2>
<ul id="stacktrace"><li> at verify (/juice-shop/build/routes/fileServer.js:55:18)</li><li> at /juice-shop/build/routes/fileServer.js:39:13</li><li> at Layer.handle [as handle_request] (/juice-shop/node_modules/express/lib/router/layer.js:95:5)</li><li> at trim_prefix (/juice-shop/node_modules/express/lib/router/index.js:328:13)</li><li> at /juice-shop/node_modules/express/lib/router/index.js:286:9</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:365:14)</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:376:14)</li><li> at Function.process_params (/juice-shop/node_modules/express/lib/router/index.js:421:3)</li><li> at next (/juice-shop/node_modules/express/lib/router/index.js:280:10)</li><li> at /juice-shop/node_modules/serve-index/index.js:145:39</li><li> at FSReqCallback.oncomplete (node:fs:205:5)</li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/encrypt.pyc |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 295 bytes.
|
GET http://83.212.109.249:3001/ftp/encrypt.pyc HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 344 bytes.
|
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:13 GMT
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 1936
|
| Response Body
- size: 1,936 bytes.
|
<html>
<head>
<meta charset='utf-8'>
<title>Error: Only .md and .pdf files are allowed!</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
ul li {
list-style: none;
}
#stacktrace {
margin-left: 60px;
}
</style>
</head>
<body>
<div id="wrapper">
<h1>OWASP Juice Shop (Express ^4.17.1)</h1>
<h2><em>403</em> Error: Only .md and .pdf files are allowed!</h2>
<ul id="stacktrace"><li> at verify (/juice-shop/build/routes/fileServer.js:55:18)</li><li> at /juice-shop/build/routes/fileServer.js:39:13</li><li> at Layer.handle [as handle_request] (/juice-shop/node_modules/express/lib/router/layer.js:95:5)</li><li> at trim_prefix (/juice-shop/node_modules/express/lib/router/index.js:328:13)</li><li> at /juice-shop/node_modules/express/lib/router/index.js:286:9</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:365:14)</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:376:14)</li><li> at Function.process_params (/juice-shop/node_modules/express/lib/router/index.js:421:3)</li><li> at next (/juice-shop/node_modules/express/lib/router/index.js:280:10)</li><li> at /juice-shop/node_modules/serve-index/index.js:145:39</li><li> at FSReqCallback.oncomplete (node:fs:205:5)</li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/package.json.bak |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 300 bytes.
|
GET http://83.212.109.249:3001/ftp/package.json.bak HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 344 bytes.
|
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 1936
|
| Response Body
- size: 1,936 bytes.
|
<html>
<head>
<meta charset='utf-8'>
<title>Error: Only .md and .pdf files are allowed!</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
ul li {
list-style: none;
}
#stacktrace {
margin-left: 60px;
}
</style>
</head>
<body>
<div id="wrapper">
<h1>OWASP Juice Shop (Express ^4.17.1)</h1>
<h2><em>403</em> Error: Only .md and .pdf files are allowed!</h2>
<ul id="stacktrace"><li> at verify (/juice-shop/build/routes/fileServer.js:55:18)</li><li> at /juice-shop/build/routes/fileServer.js:39:13</li><li> at Layer.handle [as handle_request] (/juice-shop/node_modules/express/lib/router/layer.js:95:5)</li><li> at trim_prefix (/juice-shop/node_modules/express/lib/router/index.js:328:13)</li><li> at /juice-shop/node_modules/express/lib/router/index.js:286:9</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:365:14)</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:376:14)</li><li> at Function.process_params (/juice-shop/node_modules/express/lib/router/index.js:421:3)</li><li> at next (/juice-shop/node_modules/express/lib/router/index.js:280:10)</li><li> at /juice-shop/node_modules/serve-index/index.js:145:39</li><li> at FSReqCallback.oncomplete (node:fs:205:5)</li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/quarantine |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 294 bytes.
|
GET http://83.212.109.249:3001/ftp/quarantine HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 337 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Content-Length: 9620
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 9,592 bytes.
|
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
<title>listing directory /ftp/quarantine</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2, h3 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
h3 {
margin: 5px 0 10px 0;
padding-bottom: 5px;
border-bottom: 1px solid #eee;
font-size: 18px;
}
ul li {
list-style: none;
}
ul li:hover {
cursor: pointer;
color: #2e2e2e;
}
ul li .path {
padding-left: 5px;
font-weight: bold;
}
ul li .line {
padding-right: 5px;
font-style: italic;
}
ul li:first-child .path {
padding-left: 0;
}
p {
line-height: 1.5;
}
a {
color: #555;
text-decoration: none;
}
a:hover {
color: #303030;
}
#stacktrace {
margin-top: 15px;
}
.directory h1 {
margin-bottom: 15px;
font-size: 18px;
}
ul#files {
width: 100%;
height: 100%;
overflow: hidden;
}
ul#files li {
float: left;
width: 30%;
line-height: 25px;
margin: 1px;
}
ul#files li a {
display: block;
height: 25px;
border: 1px solid transparent;
-webkit-border-radius: 5px;
-moz-border-radius: 5px;
border-radius: 5px;
overflow: hidden;
white-space: nowrap;
}
ul#files li a:focus,
ul#files li a:hover {
background: rgba(255,255,255,0.65);
border: 1px solid #ececec;
}
ul#files li a.highlight {
-webkit-transition: background .4s ease-in-out;
background: #ffff4f;
border-color: #E9DC51;
}
#search {
display: block;
position: fixed;
top: 20px;
right: 20px;
width: 90px;
-webkit-transition: width ease 0.2s, opacity ease 0.4s;
-moz-transition: width ease 0.2s, opacity ease 0.4s;
-webkit-border-radius: 32px;
-moz-border-radius: 32px;
-webkit-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-moz-box-shadow: inset 0px 0px 3px rgba(0, 0, 0, 0.25), inset 0px 1px 3px rgba(0, 0, 0, 0.7), 0px 1px 0px rgba(255, 255, 255, 0.03);
-webkit-font-smoothing: antialiased;
text-align: left;
font: 13px "Helvetica Neue", Arial, sans-serif;
padding: 4px 10px;
border: none;
background: transparent;
margin-bottom: 0;
outline: none;
opacity: 0.7;
color: #888;
}
#search:focus {
width: 120px;
opacity: 1.0;
}
/*views*/
#files span {
display: inline-block;
overflow: hidden;
text-overflow: ellipsis;
text-indent: 10px;
}
#files .name {
background-repeat: no-repeat;
}
#files .icon .name {
text-indent: 28px;
}
/*tiles*/
.view-tiles .name {
width: 100%;
background-position: 8px 5px;
}
.view-tiles .size,
.view-tiles .date {
display: none;
}
/*details*/
ul#files.view-details li {
float: none;
display: block;
width: 90%;
}
ul#files.view-details li.header {
height: 25px;
background: #000;
color: #fff;
font-weight: bold;
}
.view-details .header {
border-radius: 5px;
}
.view-details .name {
width: 60%;
background-position: 8px 5px;
}
.view-details .size {
width: 10%;
}
.view-details .date {
width: 30%;
}
.view-details .size,
.view-details .date {
text-align: right;
direction: rtl;
}
/*mobile*/
@media (max-width: 768px) {
body {
font-size: 13px;
line-height: 16px;
padding: 0;
}
#search {
position: static;
width: 100%;
font-size: 2em;
line-height: 1.8em;
text-indent: 10px;
border: 0;
border-radius: 0;
padding: 10px 0;
margin: 0;
}
#search:focus {
width: 100%;
border: 0;
opacity: 1;
}
.directory h1 {
font-size: 2em;
line-height: 1.5em;
color: #fff;
background: #000;
padding: 15px 10px;
margin: 0;
}
ul#files {
border-top: 1px solid #cacaca;
}
ul#files li {
float: none;
width: auto !important;
display: block;
border-bottom: 1px solid #cacaca;
font-size: 2em;
line-height: 1.2em;
text-indent: 0;
margin: 0;
}
ul#files li:nth-child(odd) {
background: #e0e0e0;
}
ul#files li a {
height: auto;
border: 0;
border-radius: 0;
padding: 15px 10px;
}
ul#files li a:focus,
ul#files li a:hover {
border: 0;
}
#files .header,
#files .size,
#files .date {
display: none !important;
}
#files .name {
float: none;
display: inline-block;
width: 100%;
text-indent: 0;
background-position: 0 50%;
}
#files .icon .name {
text-indent: 41px;
}
}
#files .icon-directory .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAALGPC/xhBQAAAWtQTFRFAAAA/PPQ9Nhc2q402qQ12qs2/PTX2pg12p81+/LM89NE9dto2q82+/fp2rM22qY39d6U+/bo2qo2/frx/vz32q812qs12qE279SU8c4w9NZP+/LK//367s9y7s925cp0/vzw9t92//342po2/vz25s1579B6+OSO2bQ0/v799NyT8tE79dld8Msm+OrC/vzx79KA2IYs7s6I9d6R4cJe9+OF/PLI/fry79OF/v30//328tWB89RJ8c9p8c0u9eCf//7+9txs6sts5Mdr+++5+u2z/vrv+/fq6cFz8dBs8tA57cpq+OaU9uGs27Y8//799NdX/PbY9uB89unJ//z14sNf+emh+emk+vDc+uys9+OL8dJy89NH+eic8tN5+OaV+OWR9N2n9dtl9t529+KF9+GB9Nue9NdU8tR/9t5y89qW9dpj89iO89eG/vvu2pQ12Y4z/vzy2Ict/vvv48dr/vzz4sNg///+2Igty3PqwQAAAAF0Uk5TAEDm2GYAAACtSURBVBjTY2AgA2iYlJWVhfohBPg0yx38y92dS0pKVOVBAqIi6sb2vsWWpfrFeTI8QAEhYQEta28nCwM1OVleZqCAmKCEkUdwYWmhQnFeOStQgL9cySqkNNDHVJGbiY0FKCCuYuYSGRsV5KgjxcXIARRQNncNj09JTgqw0ZbkZAcK5LuFJaRmZqfHeNnpSucDBQoiEtOycnIz4qI9bfUKQA6pKKqAgqIKQyK8BgAZ5yfODmnHrQAAAABJRU5ErkJggg==);
}
#files .icon-default .name {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAC4SURBVCjPdZFbDsIgEEWnrsMm7oGGfZrohxvU+Iq1TyjU60Bf1pac4Yc5YS4ZAtGWBMk/drQBOVwJlZrWYkLhsB8UV9K0BUrPGy9cWbng2CtEEUmLGppPjRwpbixUKHBiZRS0p+ZGhvs4irNEvWD8heHpbsyDXznPhYFOyTjJc13olIqzZCHBouE0FRMUjA+s1gTjaRgVFpqRwC8mfoXPPEVPS7LbRaJL2y7bOifRCTEli3U7BMWgLzKlW/CuebZPAAAAAElFTkSuQmCC);
}
</style>
<script>
function $(id){
var el = 'string' == typeof id
? document.getElementById(id)
: id;
el.on = function(event, fn){
if ('content loaded' == event) {
event = window.attachEvent ? "load" : "DOMContentLoaded";
}
el.addEventListener
? el.addEventListener(event, fn, false)
: el.attachEvent("on" + event, fn);
};
el.all = function(selector){
return $(el.querySelectorAll(selector));
};
el.each = function(fn){
for (var i = 0, len = el.length; i < len; ++i) {
fn($(el[i]), i);
}
};
el.getClasses = function(){
return this.getAttribute('class').split(/\s+/);
};
el.addClass = function(name){
var classes = this.getAttribute('class');
el.setAttribute('class', classes
? classes + ' ' + name
: name);
};
el.removeClass = function(name){
var classes = this.getClasses().filter(function(curr){
return curr != name;
});
this.setAttribute('class', classes.join(' '));
};
return el;
}
function search() {
var str = $('search').value.toLowerCase();
var links = $('files').all('a');
links.each(function(link){
var text = link.textContent.toLowerCase();
if ('..' == text) return;
if (str.length && ~text.indexOf(str)) {
link.addClass('highlight');
} else {
link.removeClass('highlight');
}
});
}
$(window).on('content loaded', function(){
$('search').on('keyup', search);
});
</script>
</head>
<body class="directory">
<input id="search" type="text" placeholder="Search" autocomplete="off" />
<div id="wrapper">
<h1><a href="./..">~</a> / <a href=".">ftp</a> / <a href="quarantine">quarantine</a></h1>
<ul id="files" class="view-tiles"><li><a href="." class="icon icon-directory" title=".."><span class="name">..</span><span class="size"></span><span class="date"></span></a></li>
<li><a href="quarantine/juicy_malware_linux_amd_64.url" class="icon icon icon-url icon-default" title="juicy_malware_linux_amd_64.url"><span class="name">juicy_malware_linux_amd_64.url</span><span class="size">166</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="quarantine/juicy_malware_linux_arm_64.url" class="icon icon icon-url icon-default" title="juicy_malware_linux_arm_64.url"><span class="name">juicy_malware_linux_arm_64.url</span><span class="size">166</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="quarantine/juicy_malware_macos_64.url" class="icon icon icon-url icon-default" title="juicy_malware_macos_64.url"><span class="name">juicy_malware_macos_64.url</span><span class="size">162</span><span class="date">4/22/2024 12:39:10 PM</span></a></li>
<li><a href="quarantine/juicy_malware_windows_64.exe.url" class="icon icon icon-url icon-default" title="juicy_malware_windows_64.exe.url"><span class="name">juicy_malware_windows_64.exe.url</span><span class="size">168</span><span class="date">4/22/2024 12:39:10 PM</span></a></li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/ftp/suspicious_errors.yml |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 305 bytes.
|
GET http://83.212.109.249:3001/ftp/suspicious_errors.yml HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 344 bytes.
|
HTTP/1.1 403 Forbidden
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
content-length: 1936
|
| Response Body
- size: 1,936 bytes.
|
<html>
<head>
<meta charset='utf-8'>
<title>Error: Only .md and .pdf files are allowed!</title>
<style>* {
margin: 0;
padding: 0;
outline: 0;
}
body {
padding: 80px 100px;
font: 13px "Helvetica Neue", "Lucida Grande", "Arial";
background: #ECE9E9 -webkit-gradient(linear, 0% 0%, 0% 100%, from(#fff), to(#ECE9E9));
background: #ECE9E9 -moz-linear-gradient(top, #fff, #ECE9E9);
background-repeat: no-repeat;
color: #555;
-webkit-font-smoothing: antialiased;
}
h1, h2 {
font-size: 22px;
color: #343434;
}
h1 em, h2 em {
padding: 0 5px;
font-weight: normal;
}
h1 {
font-size: 60px;
}
h2 {
margin-top: 10px;
}
ul li {
list-style: none;
}
#stacktrace {
margin-left: 60px;
}
</style>
</head>
<body>
<div id="wrapper">
<h1>OWASP Juice Shop (Express ^4.17.1)</h1>
<h2><em>403</em> Error: Only .md and .pdf files are allowed!</h2>
<ul id="stacktrace"><li> at verify (/juice-shop/build/routes/fileServer.js:55:18)</li><li> at /juice-shop/build/routes/fileServer.js:39:13</li><li> at Layer.handle [as handle_request] (/juice-shop/node_modules/express/lib/router/layer.js:95:5)</li><li> at trim_prefix (/juice-shop/node_modules/express/lib/router/index.js:328:13)</li><li> at /juice-shop/node_modules/express/lib/router/index.js:286:9</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:365:14)</li><li> at param (/juice-shop/node_modules/express/lib/router/index.js:376:14)</li><li> at Function.process_params (/juice-shop/node_modules/express/lib/router/index.js:421:3)</li><li> at next (/juice-shop/node_modules/express/lib/router/index.js:280:10)</li><li> at /juice-shop/node_modules/serve-index/index.js:145:39</li><li> at FSReqCallback.oncomplete (node:fs:205:5)</li></ul>
</div>
</body>
</html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 395 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 372 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 374 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 379 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 377 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 377 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/assets/public/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 376 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/assets/public/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:39:13 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 343 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:39:13 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 343 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 351 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 356 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 354 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 354 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/build/routes/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 353 bytes.
|
GET http://83.212.109.249:3001/juice-shop/build/routes/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 433 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 404 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 412 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 417 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 415 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 415 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 414 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:280:10 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 349 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:280:10 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/eastere.gg
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:286:9 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 357 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:286:9 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:328:13 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 358 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:328:13 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:365:14 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 358 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:365:14 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:376:14 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 349 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:376:14 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/eastere.gg
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:421:3 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 357 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:421:3 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 356 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:14 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 383 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 388 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 386 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 386 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 385 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 419 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 392 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 398 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 403 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 401 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 401 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 400 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39 |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 351 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39 HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/ftp/coupons_2013.md.bak
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/main.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 371 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/main.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/polyfills.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 376 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/polyfills.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/runtime.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 374 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/runtime.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/styles.css |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 374 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/styles.css HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:15 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/juice-shop/node_modules/serve-index/vendor.js |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 373 bytes.
|
GET http://83.212.109.249:3001/juice-shop/node_modules/serve-index/vendor.js HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
referer: http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/sitemap.xml |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 250 bytes.
|
GET http://83.212.109.249:3001/sitemap.xml HTTP/1.1
host: 83.212.109.249:3001
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
pragma: no-cache
cache-control: no-cache
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 466 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Feature-Policy: payment 'self'
X-Recruiting: /#/jobs
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 May 2024 07:58:10 GMT
ETag: W/"ea4-18fc35b467e"
Content-Type: text/html; charset=UTF-8
Content-Length: 3748
Vary: Accept-Encoding
Date: Thu, 30 May 2024 13:35:08 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 3,748 bytes.
|
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
"button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme{--theme-primary:#546e7a;--theme-primary-lighter:#607e8c;--theme-primary-light:#698998;--theme-primary-darker:#485e68;--theme-primary-dark:#3f535c;--theme-primary-fade-10:rgba(84, 110, 122, .9);--theme-primary-fade-20:rgba(84, 110, 122, .8);--theme-primary-fade-30:rgba(84, 110, 122, .7);--theme-primary-fade-40:rgba(84, 110, 122, .6);--theme-primary-fade-50:rgba(84, 110, 122, .5);--theme-accent:#689f38;--theme-accent-lighter:#77b640;--theme-accent-light:#81bf4b;--theme-accent-darker:#598830;--theme-accent-dark:#4f792b;--theme-accent-fade-10:rgba(104, 159, 56, .9);--theme-accent-fade-20:rgba(104, 159, 56, .8);--theme-accent-fade-30:rgba(104, 159, 56, .7);--theme-accent-fade-40:rgba(104, 159, 56, .6);--theme-accent-fade-50:rgba(104, 159, 56, .5);--theme-warn:#ff5722;--theme-warn-lighter:#ff6e41;--theme-warn-light:#ff7e55;--theme-warn-darker:#ff4003;--theme-warn-dark:#ee3900;--theme-warn-fade-10:rgba(255, 87, 34, .9);--theme-warn-fade-20:rgba(255, 87, 34, .8);--theme-warn-fade-30:rgba(255, 87, 34, .7);--theme-warn-fade-40:rgba(255, 87, 34, .6);--theme-warn-fade-50:rgba(255, 87, 34, .5);--theme-text:white;--theme-text-lighter:white;--theme-text-light:white;--theme-text-darker:#e6e6e6;--theme-text-dark:#bfbfbf;--theme-text-fade-10:rgba(255, 255, 255, .9);--theme-text-fade-20:rgba(255, 255, 255, .8);--theme-text-fade-30:rgba(255, 255, 255, .7);--theme-text-fade-40:rgba(255, 255, 255, .6);--theme-text-fade-50:rgba(255, 255, 255, .5);--theme-text-invert-15:#d9d9d9;--theme-text-invert-30:#b3b3b3;--theme-background:#424242;--theme-background-lighter:#515151;--theme-background-light:#5c5c5c;--theme-background-darker:#333333;--theme-background-dark:#292929;--theme-background-darkest:#1e1e1e}.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=websocket&sid=XDs4qc8WdSz1SZaYAAGk |
| Method |
GET |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 517 bytes.
|
GET http://83.212.109.249:3001/socket.io/?EIO=4&transport=websocket&sid=XDs4qc8WdSz1SZaYAAGk HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Sec-WebSocket-Version: 13
Origin: http://83.212.109.249:3001
Sec-WebSocket-Key: vJtGDEtLm99n1PMLKfEf5A==
Connection: keep-alive, Upgrade
Cookie: language=en; welcomebanner_status=dismiss
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
| Request Body
- size: 0 bytes.
|
|
| Response Header
- size: 92 bytes.
|
HTTP/1.1 400 Bad Request
Connection: close
Content-type: text/html
Content-Length: 18
|
| Response Body
- size: 18 bytes.
|
Session ID unknown
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:29 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 449 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:31 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:34 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:35 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:37 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:39 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 449 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:42 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:42 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:41 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:41 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:43 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 449 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:46 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:46 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:47 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:47 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:49 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:50 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:49 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:50 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:51 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:51 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:51 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:52 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:52 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:55 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:55 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:56 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:57 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:57 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:57 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:58 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:58 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:00 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:35:58 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:01 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:01 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 1
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 1 bytes.
|
1
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 449 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:03 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:04 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8 |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8 HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; cookieconsent_status=dismiss; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:04 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 479 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:02 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_ |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 509 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_ HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
Cookie: language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:05 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| URL |
http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA |
| Method |
POST |
| Parameter |
|
| Attack |
|
| Evidence |
|
| Other Info |
|
|
|
|
| Request Header
- size: 428 bytes.
|
POST http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA HTTP/1.1
host: 83.212.109.249:3001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Referer: http://83.212.109.249:3001/
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: http://83.212.109.249:3001
Connection: keep-alive
|
| Request Body
- size: 2 bytes.
|
40
|
| Response Header
- size: 213 bytes.
|
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:4200
Vary: Origin
Content-Type: text/html
Content-Length: 2
Date: Thu, 30 May 2024 13:36:06 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
| Response Body
- size: 2 bytes.
|
ok
|
| Instances |
107 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
|
| Reference |
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
http://www.w3.org/TR/CSP/
http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/
|
| Tags |
OWASP_2021_A05
OWASP_2017_A06
|
| CWE Id |
693 |
| WASC Id |
15 |
| Plugin Id |
10038 |